Minio
v1.0.0MinIO integration. Manage data, records, and automate workflows. Use when the user wants to interact with MinIO data.
⭐ 0· 35·0 current·0 all-time
byVlad Ursul@gora050
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
OpenClaw
Benign
high confidencePurpose & Capability
Name/description match the instructions: the skill instructs the agent to use the Membrane CLI to manage MinIO. No unrelated credentials, binaries, or config paths are requested.
Instruction Scope
SKILL.md stays within the stated scope: it describes installing the Membrane CLI, logging in, creating/using a MinIO connection, listing actions, running actions, and proxying MinIO API calls. It does not instruct the agent to read unrelated files, search the system, or exfiltrate data to unexpected endpoints.
Install Mechanism
The skill asks users to install @membranehq/cli via npm (global install). This is expected for a CLI-based integration but has the usual risks of installing a third-party npm package globally (supply-chain risk, permissions). The skill itself has no explicit install spec, so installation is manual and visible to the user.
Credentials
No environment variables, credentials, or config paths are requested by the skill. The SKILL.md explicitly recommends using Membrane connections instead of asking users for API keys, which is proportionate to its purpose.
Persistence & Privilege
Skill does not request always: true, does not modify other skills, and is user-invocable. It requires network access and a Membrane account as declared; autonomous invocation is enabled by default but not combined with other red flags.
Assessment
This skill delegates MinIO access to the Membrane service and its CLI. Before installing or using it: (1) confirm you trust Membrane (https://getmembrane.com and the GitHub repo) because the service will be able to access your MinIO data when you create a connection; (2) be aware the skill asks you to install an npm package globally — consider installing it in a controlled environment (container or non-root user) and verify the package/version; (3) the skill will open a browser for authentication (or provide a headless flow), so watch for where you grant permissions and what scope the connection requests; (4) no local secrets are requested by the skill, but if you connect Membrane to MinIO you are delegating auth to a third party — apply least privilege and audit/remove connections when no longer needed.Like a lobster shell, security has layers — review code before you run it.
latestvk977xdtw7n54e7a00c5a750khx8467ck
License
MIT-0
Free to use, modify, and redistribute. No attribution required.